<?php

if (array_key_exists('value', $vars)) {
	$value = $vars['value'];
} elseif ($value = get_input('q', get_input('tag', NULL))) {
	$value = $value;
} else {
	$value = elgg_echo('hypeLiveSearch:search');
}

// @todo - why the strip slashes?
$value = stripslashes($value);

// @todo - create function for sanitization of strings for display in 1.8
// encode <,>,&, quotes and characters above 127
if (function_exists('mb_convert_encoding')) {
	$display_query = mb_convert_encoding($value, 'HTML-ENTITIES', 'UTF-8');
	$display_query = htmlspecialchars($display_query, ENT_QUOTES, 'UTF-8', false);
} else {
	// we list mb_string as a requirement, why do we check if the function exists?
	$display_query = htmlentities($display_query, ENT_QUOTES, 'UTF-8', false);
}


$form_body = elgg_view('input/js');

$form_body .= elgg_view('input/hypeAutocomplete', array(
            'internalname' => 'q',
            'value' => $display_query,
            'extra_class' => 'search_input',
        ));

//$form_body .= elgg_view('input/submit', array('value' => elgg_echo('search:go')));
$val = elgg_echo('hypeLiveSearch:go');
$form_body .= '<input type="button" value="'.$val.'" class="search_submit_button" onclick="codeAddress()" />';


$form_body = elgg_view('input/form', array(
            'body' => $form_body,
            'internalid' => 'searchform',
            //'action' => $vars['url'] . 'action/livesearch/search/',
            'method' => GET,
        )); 

echo $form_body;
?>
